topic Re: Two leading Netgear routers are vulnerable to a severe security flaw in Nighthawk WiFi Routershttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185140#M43997
NETGEAR Routers and CVE-2016-582384 security vulnerabilityhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185124#M43993
<P>I am a bit concerned about this recent article:<BR />
<A href="http://www.zdnet.com/article/two-netgear-routers-are-vulnerable-to-trivial-to-remote-hack/" target="_blank">http://www.zdnet.com/article/two-netgear-routers-are-vulnerable-to-trivial-to-remote-hack/</A><BR />
<A href="https://www.kb.cert.org/vuls/id/582384" target="_blank">https://www.kb.cert.org/vuls/id/582384</A><BR /><BR />
Details:<BR /><BR />
Overview<BR />
Netgear R7000 and R6400 routers and possibly other models are vulnerable to arbitrary command injection.<BR /><BR />
Description<BR />
CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')<BR />
Netgear R7000, firmware version 1.0.7.2_1.1.93 and possibly earlier, and R6400, firmware version 1.0.1.6_1.0.4 and possibly earlier, contain an arbitrary command injection vulnerability. By convincing a user to visit a specially crafted web site, a remote attacker may execute arbitrary commands with root privileges on affected routers. A LAN-based attacker may do the same by issuing a direct request, e.g. by visiting: http:///cgi-bin/;COMMAND<BR />
An exploit leveraging this vulnerability has been publicly disclosed.<BR /><BR />
Impact<BR />
By convincing a user to visit a specially crafted web site, a remote attacker may execute arbitrary commands with root privileges on affected routers.<BR /><BR />
Solution<BR />
The CERT/CC is currently unaware of a practical solution to this problem and recommends the following workaround.<BR /><BR />
Discontinue use<BR />
Exploiting this vulnerability is trivial. Users who have the option of doing so should strongly consider discontinuing use of affected devices until a fix is made available.<BR /><BR />
---------------------------<BR /><BR />
Can someone from NetGear address this issue? I am running one level behind on my firmware, because I liked the fact that my router could double as my ARLO base station. However, reading this warning from CERT is causing me to be concerned. This router was not cheap, and I have had it for less than a year. 
If I have to get rid of it, because the issue cannot be resolved, then I would like some kind of compensation or trade in value. Regards.</P>Sun, 25 Dec 2016 00:48:58 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185124#M439933v3ntH0riz0n2016-12-25T00:48:58ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185140#M43997
Count me in. Just bought this in July, and all Netgear can say is "uh, we know you spent $200 in this, but you shouldn't use it anymore"?<BR /><BR />I hope this changes soonFri, 09 Dec 2016 20:21:01 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185140#M43997meetloaf2016-12-09T20:21:01ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185159#M44003
<P>For R7000, there are options... Go&nbsp;<A href="http://www.linksysinfo.org/index.php?threads/asuswrt-merlin-on-netgear-r7000.71108/" target="_blank">here</A> and load this firmware. Easy instructions on top page. Problem solved..</P>Fri, 09 Dec 2016 20:51:13 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185159#M44003netwrks2016-12-09T20:51:13ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185206#M44011
<P>Sure, I could do something like that, but I would suspect that puts me out of support for this router. &nbsp;Not to mention I am one level behind because I don't want to run my arlo base station, my router manages the cameras. &nbsp;Really wish they would keep that going with newer builds. &nbsp;I am hoping that NetGear can add a comment here, saying they are at least aware and working on a fix. &nbsp;I'd rather know that they are going to do something, before putting a different os on the router. &nbsp;But thanks for that link. Question, did you attempt to load that on your router? &nbsp;Are you running that build now? &nbsp;</P>Fri, 09 Dec 2016 21:41:04 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185206#M440113v3ntH0riz0n2016-12-09T21:41:04ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185268#M44019
<P>When you bought the r7000 did it advertise the Arlo option?</P>
<P>&nbsp;</P>
<P>Also I used the suggested FW without a problem.</P>Fri, 09 Dec 2016 23:07:43 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185268#M44019Retired_Member2016-12-09T23:07:43ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185270#M44020
<BLOCKQUOTE><HR /><LI-USER uid="304712"></LI-USER> wrote:<BR /><P>Sure, I could do something like that, but I would suspect that puts me out of support for this router. &nbsp;Not to mention I am one level behind because I don't want to run my arlo base station, my router manages the cameras. &nbsp;Really wish they would keep that going with newer builds. &nbsp;I am hoping that NetGear can add a comment here, saying they are at least aware and working on a fix. &nbsp;I'd rather know that they are going to do something, before putting a different os on the router. &nbsp;But thanks for that link. Question, did you attempt to load that on your router? &nbsp;Are you running that build now? &nbsp;</P><P>&nbsp;</P><P>I have 3 R7000's loaded with I believe&nbsp;380_6.2.1. Used various versions of Asuswrt-Merlin firmware for a couple of years, with no issues. &nbsp;All 3 R7000's are powered off and up for sale now. I am running Unifi WAP's and a bunch of Ubiquiti devices (router and switches). Grew tired of the home router consumer niche..</P><HR /></BLOCKQUOTE><P>&nbsp;</P>Fri, 09 Dec 2016 23:11:45 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185270#M44020netwrks2016-12-09T23:11:45ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185271#M44021
<P>No it wasn't. &nbsp;It was a nice surprise with a firmware update, that they removed in the build shortly after. &nbsp;So you flashed out of your netgear OS on your router, using that link provided? &nbsp;</P>Fri, 09 Dec 2016 23:13:33 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185271#M440213v3ntH0riz0n2016-12-09T23:13:33ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185273#M44022
<P>Yes! Several times. I wish it was available for the R8500</P>Fri, 09 Dec 2016 23:19:58 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185273#M44022Retired_Member2016-12-09T23:19:58ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185440#M44037
<P>This might be interesting:</P><P>&nbsp;</P><P><A href="https://community.netgear.com/t5/General-WiFi-Routers/Netgear-routers-found-to-have-critical-vulnerabilities-within/m-p/1185417#M63891" target="_blank">Re: Netgear routers found to have critical vulnera... - NETGEAR Communities</A></P><P>&nbsp;</P><P>&nbsp;</P>Sat, 10 Dec 2016 12:26:32 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185440#M44037michaelkenward2016-12-10T12:26:32ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185462#M44040
<P>I have the Nighthawk X6 R8000 router and tried the exploit (using the "ls" command). &nbsp;The router returned a directory listing. I was not logged into the router at the time, and the router requires authentication normally to log in. &nbsp;So, it seems that the current software on the R8000 is also vulnerable !!!!!</P><P>I hate to have to purchase a different router, but don't see how I can continue to use this one. &nbsp;Hope a new software release will be available soon.</P><P>&nbsp;</P>Sat, 10 Dec 2016 13:36:35 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185462#M44040wawilmsn2016-12-10T13:36:35ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185508#M44051
<P>I tested the exploit (to the best of my ability) and found that it does not seem to work with firmware version V1.0.3.68_1.1.31 .&nbsp; The string causes the router to request the admin login and then fails to the "Unauthorized Access" screen.&nbsp; The command after the semicolon does not appear to be executed.&nbsp; Unfortunately, I could only test from my local network, so I cannot confirm whether this is a "universal fix".</P><P>&nbsp;</P><P>Although this is an older version of the firmware, it may be a work around while NetGear works up a patch.&nbsp; I believe that some of the older versions are archived online.</P><P>&nbsp;</P><P>Regardless, be safe.</P>Sat, 10 Dec 2016 15:33:38 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185508#M44051Coherent_Lite2016-12-10T15:33:38ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185510#M44052
<BLOCKQUOTE><HR /><LI-USER uid="370345"></LI-USER> wrote:<BR /><P>I believe that some of the older versions are archived online.</P><P>&nbsp;</P><HR /></BLOCKQUOTE><P>&nbsp;</P><P>You can find about a dozen firmware versions here:</P><P>&nbsp;</P><P><A href="https://www.netgear.com/support/product/r8000.aspx?cid=wmt_netgear_organic#download" target="_blank">R8000 | Product | Support | NETGEAR</A></P><P>&nbsp;</P><P>&nbsp;</P>Sat, 10 Dec 2016 15:30:05 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185510#M44052michaelkenward2016-12-10T15:30:05ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185512#M44054
<P>I tried using a supposed exploit from <A href="https://www.exploit-db.com/exploits/40889/" target="_self">HERE</A> and entered for the URL <A href="http://192.168.1.1/cgi-bin/;ls" target="_blank">http://192.168.1.1/cgi-bin/;ls</A> and all I see is partial HTML display?</P><P>&nbsp;</P><P>Entering <A href="http://192.168.1.1/cgi-bin/;COMMAND" target="_blank">http://192.168.1.1/cgi-bin/;COMMAND</A> did the same?</P><P>&nbsp;</P><P>Am I missing something here?</P>Sat, 10 Dec 2016 15:35:40 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185512#M44054IrvSp2016-12-10T15:35:40ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185518#M44055
<P>My router is at 192.168.1.254. &nbsp;First, I checked by going to the router web GUI and received the authentication page, since I was not logged in. I wanted to make sure my login was not cached.</P><P>Then, I did exactly what you did. I copied your link with the "ls" in the line, substituting .254 for .1.</P><P>Here is what I got back -- and yes, it is a partial HTML display, but it is a valid and proper response to the ls command -- it gave a directory listing:</P><PRE>bin
dev
etc
lib
media
mnt
opt
proc
sbin
share
sys
tmp
usr
var
www
<BR /><BR /><BR /></PRE><P>I was using a Chrome browser on a Mac, but that should not matter. Bottom line - at least for me is that it ran the ls command. &nbsp;</P><P>I am going to try to go back to a previous SW release and hope it works without the flaw. &nbsp;Otherwise, I will have to try Tomato or DD-WRT, and I really do not want to have to do that and reset everything.</P><P>&nbsp;</P>Sat, 10 Dec 2016 15:45:53 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185518#M44055wawilmsn2016-12-10T15:45:53ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185528#M44057
<P>I have been playing with the proof-of-concept strings a little bit more.&nbsp; First, I note that the exploit-db website has two different versions: one with a "cgi-bin" directory and the other without.&nbsp; I tried both with my R7000 running the older firmware (I never upgraded due to issues with the 1.06(?) firmware).&nbsp; The results are as follows:</P><P>&nbsp;</P><P>Without the "cgi-bin" directory designation, trying both the ls command and the telnet command, the router requests the admin login and then fails to the "Unauthorized access" screen.&nbsp; The commands do not appear to be executed.</P><P>&nbsp;</P><P>With the "cgi-bin" directory included, the router returns a "Resource Not Found" error, but neither command was executed.&nbsp; Perhaps a more experienced user might be able to explain this, but it seems to me like the request is being interpreted by the router and then failed due to the directory not being found.&nbsp; If so, then is it possible that a re-crafted string might work on the older firmware?</P><P>&nbsp;</P><P>&nbsp;</P>Sat, 10 Dec 2016 16:08:46 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185528#M44057Coherent_Lite2016-12-10T16:08:46ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185531#M44058
<P>SUCCESS! ! !</P><P>At least for the R8000 router.</P><P>I downgraded to&nbsp;<SPAN>V1.0.2.46_1.0.97, which is the most recent non-current version. &nbsp;The downgrade went flawlessly -- no problems at all. I did not lose any settings, so all seems to be working. &nbsp;I tried the exploit and it did not work. &nbsp;Like others have reported (after making sure I was logged out of the router), it returned a page saying I was not authorized.</SPAN></P><P>&nbsp;</P><P><SPAN>I hope Netgear will provide a new software update for the router. I do not like running an old version -- I feel like there were probably some problems that were fixed in the newer version, but the newer version has an extremely dangerous flaw.</SPAN></P><P>&nbsp;</P><P><SPAN>Someone mentioned connecting via the internet (WAN) side vs the LAN or home side. &nbsp;The PROBLEM is, that your web browser AT HOME, within your LAN could go to a web page, even on a well known site that has a link on a picture (or like within an ad) that has that command embedded. &nbsp;You do not have to type it in to the top line. It can be an embedded link, and it will run the link and affect the router.</SPAN></P><P><SPAN><BR />But -- good for now -- or at least, I feel safer.</SPAN></P><P>&nbsp;</P>Sat, 10 Dec 2016 16:11:24 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185531#M44058wawilmsn2016-12-10T16:11:24ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185536#M44060
<P>WOOPSEY -- I was wrong.</P><P>It seemed like the fix (downgrading) worked. I even tried a couple of times. But after closing the web browser and going back to try again (I was going to try with and without the cgi-bin in the line) -- it FAILED. That is, it returned the directory listing. &nbsp;I checked, and the router is reporting the older software, so for some reason, it does not work either, and is subject to the flaw. &nbsp;I will be going back to the current software, but still looking for a fix. &nbsp;It looks like a basic problem. &nbsp;</P><P>So, just to confirm, with the older software <SPAN>V1.0.2.46_1.0.97</SPAN>, I still have the problem.</P><P>&nbsp;</P>Sat, 10 Dec 2016 16:24:27 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185536#M44060wawilmsn2016-12-10T16:24:27ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185540#M44062
<P>Drat.&nbsp; Sorry to hear it.&nbsp; I tried doing what you described with my R7000 and it seems to still be "safe".&nbsp; I will treat it as a "suspect work-around".</P><P>&nbsp;</P><P>Thanks for the update.</P>Sat, 10 Dec 2016 16:34:21 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185540#M44062Coherent_Lite2016-12-10T16:34:21ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185554#M44065
<P>Yes, I did get that at the bottom,</P><P>&nbsp;</P><P>=========</P><PRE>bin
dev
etc
lib
media
mnt
opt
proc
sbin
share
sys
tmp
usr
var
www</PRE><P>However there were umpteen lines above it with partial HTML:</P><P>&nbsp;</P><PRE>alue)
{
var button;
button=document.getElementsByName('buttonHit');
button[0].value=btn.name;
button=document.getElementsByName('buttonValue');
button[0].value=value;
return true;
}
function clickButton(message)
{
alert(message);
}
function mainOnload()
{
}
function changeCursorPointer()
{
document.body.style.cursor='pointer';
}
function changeCursorDefault()
{
document.body.style.cursor='default';
}
function iframeResize(iframe){
alert("Enter iframeResize "+iframe);
if(iframe &amp;&amp; !window.opera){
if(iframe.contentDocument &amp;&amp; iframe.contentDocument.body.offsetHeight){
alert('before '+iframe.height+" document "+iframe.Document.body.offsetHeight);
iframe.height=iframe.contentDocument.body.offsetHeight+80;
alert('after '+iframe.height);
}
else if(iframe.Document &amp;&amp; iframe.Document.body.scrollHeight){
alert('before '+iframe.style.height+" document "+iframe.Document.body.scrollHeight);
iframe.style.height=iframe.Document.body.scrollHeight;
alert('after '+iframe.style.height); </PRE><P>Literally hundreds of lines like that.</P><P>&nbsp;</P><P>Although the end is the expected output does that really mean 'something' could be done to/on the router?</P>Sat, 10 Dec 2016 16:57:15 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185554#M44065IrvSp2016-12-10T16:57:15ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185557#M44066
<P>I would assume - yes. &nbsp;You asked for a directory listing, and it gave it to you. The report is, that telnet worked also. &nbsp;I could not think of an easy command to use that would prove a security breach without doing harm. &nbsp;I have gone back and forth with the old and new software a couple of times now, and have made sure that browser cache was cleared each time, and that I was not logged into the router. &nbsp;And, it FAILED every time. &nbsp;That is, even with the older software, the security problem still existed. I got a directory listing with the "ls" command issued.</P><P>I will have to try Tomato this afternoon. Or go buy (another) new, expensive router.</P><P>&nbsp;</P>Sat, 10 Dec 2016 17:02:50 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185557#M44066wawilmsn2016-12-10T17:02:50ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185632#M44079
<P>Temporary solution can be <A href="http://www.sj-vs.net/a-temporary-fix-for-cert-vu582384-cwe-77-on-netgear-r7000-and-r6400-routers/" target="_self">found here</A>.</P><P>&nbsp;</P><P><STRONG>tl;dr – a quick overview</STRONG></P><P>Here are the three steps (explanation below):</P><OL><LI>Open a web browser and visit the following URL:<BR />http://[router-address]/cgi-bin/;telnetd$IFS-p$IFS'12346'<BR />(it’ll look like it’s loading a page, just leave the window open and continue with the next step)</LI><LI>Type the following in a console / terminal window / command prompt:<BR />telnet [router-address] 12346<BR />You will (should) now have BusyBox root access to your router.</LI><LI>Type in the following to terminate the router’s web server process:<BR />killall httpd&nbsp;<P>&nbsp;</P><P><STRONG>done!</STRONG></P></LI></OL>Sat, 10 Dec 2016 19:53:35 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185632#M44079GinaGerson2016-12-10T19:53:35ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185683#M44101
<P>Thank you for sharing this. I read the article. &nbsp;According to that documentation the fix is only good until you reboot the router.&nbsp;</P><P>Also, you are also disabling your ability to log in to the router, until you reboot it.&nbsp;</P><P>&nbsp;</P><P>I went to my public IP address using this URL and I can see that I am seeing a lot of Javascript. Wow, that is really bad.</P>Sat, 10 Dec 2016 23:33:12 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185683#M44101SqueakyEye2016-12-10T23:33:12ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185686#M44103
<LI-USER uid="370382"></LI-USER><BR />The procedure kills the httpd, but it leaves telnetd running. Well, I guess it's better than a wide open web interface.Sat, 10 Dec 2016 23:43:33 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185686#M44103kochin2016-12-10T23:43:33ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185702#M44106
<P>Thanks for this. &nbsp;I killed the web service on the router. &nbsp;Is Netgear aware or acknowledging this? &nbsp;I saw another blog post today talking about this exploit.</P>Sun, 11 Dec 2016 01:04:49 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185702#M441063v3ntH0riz0n2016-12-11T01:04:49ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185739#M44115
<P>Is X-10 R9000 also affected? Can someone please check?</P><P>&nbsp;</P><P>It is a new product, so ZDNet might not have tested it.</P>Sun, 11 Dec 2016 03:50:36 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185739#M44115alokeprasad2016-12-11T03:50:36ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185754#M44120
<P>You can test it yourself by using that url.</P><P>&nbsp;</P><P>Login to your router, and find out the ip of it. &nbsp;Then replace the ip with that test url. &nbsp;If you get can't be found or access denied then you are good, if you get anything else, then it's vulnerable.</P><P>&nbsp;</P><P><SPAN>http://[router-address]/cgi-bin/;uname$IFS-a</SPAN></P><P>&nbsp;</P><P><SPAN>Link to the article: &nbsp;<A href="http://www.sj-vs.net/a-temporary-fix-for-cert-vu582384-cwe-77-on-netgear-r7000-and-r6400-routers/" target="_blank">http://www.sj-vs.net/a-temporary-fix-for-cert-vu582384-cwe-77-on-netgear-r7000-and-r6400-routers/</A></SPAN></P>Sun, 11 Dec 2016 05:34:15 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185754#M441203v3ntH0riz0n2016-12-11T05:34:15ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185771#M44124
<P>If I go to</P><P>&nbsp;</P><P><A href="http://192.168.1.1/cgi-bin/;uname$IFS-a" target="_blank">http://192.168.1.1/cgi-bin/;uname$IFS-a</A></P><P>&nbsp;</P><P>I get (HTTP 404 Not Found) error.&nbsp; I'm doing this from inside my LAN.</P><P>&nbsp;</P><P>Is this a valid test? Do I need to test from the WAN side (from the internet)?</P>Sun, 11 Dec 2016 09:58:08 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185771#M44124alokeprasad2016-12-11T09:58:08ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185907#M44165
<P>Very difficult if not impossible for 99% of Netgear customers (Costco, Amazon, Wal-Mart, Target shoppers) to comprehend and implement. &nbsp;Vendor solution is needed.</P>Sun, 11 Dec 2016 17:28:11 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185907#M44165Captiva2016-12-11T17:28:11ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185973#M44177
<P>So what is the timeline to a patch? &nbsp;After spending over 200 bucks for a router I expect that the vendor is going to support their product. &nbsp;Fair warning, I will be very vocal about my dissatisfaction if I have to go out and buy a new router. &nbsp;Considering I have an extensive career in Information Security, my voice may carry some weight... &nbsp;The current lack of response is disconcerting to say the least considering that there is an exploit available in the wild.</P>Sun, 11 Dec 2016 19:56:23 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185973#M44177climb742016-12-11T19:56:23ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185996#M44186
<P>I think it's safe to say, your router is not vulnerable to the web service attack. &nbsp;There is another, but not sure how you would stop that or test it.</P><P>&nbsp;</P><P>&nbsp;</P><P>Here is the telnet test:</P><P>&nbsp;</P><P><SPAN>http://RouterIP/;telnetd$IFS-p$IFS'45' </SPAN></P><P>&nbsp;</P><P><SPAN>will open telnet on port 45.</SPAN></P>Sun, 11 Dec 2016 21:18:25 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185996#M441863v3ntH0riz0n2016-12-11T21:18:25ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185997#M44187
<P>Agree. &nbsp;Especially since there were a lot of discounts on this item since Black Friday and articles telling consumers it's one of the best devices you could buy at the time.</P>Sun, 11 Dec 2016 21:07:28 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185997#M441873v3ntH0riz0n2016-12-11T21:07:28ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185998#M44188
<P>I would recommend twitter, to voice concern (netgearhelp I think is the tag). &nbsp;We could also post to review sites (amazon.com, newegg, and even Netgear's site). &nbsp;Use social media, like FB to post reviews or rank the item. &nbsp;This might get their attention. &nbsp;This bug has been known about since Friday, and Netgear has yet to respond. &nbsp;Unacceptable.</P>Sun, 11 Dec 2016 21:09:38 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1185998#M441883v3ntH0riz0n2016-12-11T21:09:38ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186018#M44196
<P>There are a number of security sites that garner a lot of attention as well... though a number of them already have this issue in their sights along with mainstream tech sites. &nbsp;ZDNet is just the tip of the proverbial iceberg. &nbsp;I find it odd that the only response from a Netgear representative on their own forum was to attempt to discredit CERT as a source. &nbsp;Calling&nbsp;<SPAN>Carnegie Mellon University's public vulnerability database (CERT) a "third party" is a bit of a stretch... I wonder what sort of agenda they think a reputable university and The Department of Homeland Security are trying to push... I sincerely doubt either "third party" have any vested interest in a Netgear competitor.</SPAN></P><P><SPAN>&nbsp;</SPAN></P><P><SPAN>That said... I don't know how much weight our threats of going to the media will have anymore now that SlashDot, ComputerWorld, and Network World have gotten a hold of this story. &nbsp;This story has gotten legs, and if Netgear doesn't get ahead of this they are going to be in serious trouble. &nbsp;Personally I will give them two business days at most before I drop support for them entirely and search for a more secure router vendor. &nbsp;Many of us Security Architects work from home. &nbsp;The last thing we need are unsupported border devices with egregious security flaws. &nbsp;The least they should do is provide a workaround as of yesterday!</SPAN></P>Sun, 11 Dec 2016 22:14:34 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186018#M44196climb742016-12-11T22:14:34ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186019#M44197
<P>According to&nbsp;<A href="https://mobile.slashdot.org/story/16/12/11/1832234/vulnerability-prompts-warning-stop-using-netgear-wifi-routers" target="_blank">https://mobile.slashdot.org/story/16/12/11/1832234/vulnerability-prompts-warning-stop-using-netgear-wifi-routers</A> 'Proof-of-concept exploit code was released by a Twitter user who, according to the article, said "he informed Netgear of the flaw more than four months ago, but did not hear back from the company since then."' Netgear needs to fix the vulnerability and explain why it has not done so in the last four months.</P><P>&nbsp;</P>Sun, 11 Dec 2016 22:15:50 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186019#M44197virtigex2016-12-11T22:15:50ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186020#M44198
<P>I got a response from Netgear this morning at 2:39am. They must be working hard to get it resolved. But, the message isn't saying much.</P><P>&nbsp;</P><P><EM>We appreciate you contacting us. Currently we are working on a fix and will get back to you when it’s available. Thanks.</EM></P><P><EM>If you have any questions or comments with regard to this information, please contact us at: security@netgear.com.</EM></P><P><EM>Sincerely,</EM></P><P><EM>Product Security Incident Response Team </EM><BR /><EM>Netgear, Inc</EM></P>Sun, 11 Dec 2016 22:16:29 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186020#M44198kochin2016-12-11T22:16:29ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186075#M44216
<BLOCKQUOTE><HR /><LI-USER uid="304712"></LI-USER> wrote:<BR /><P>I think it's safe to say, your router is not vulnerable to the web service attack. &nbsp;There is another, but not sure how you would stop that or test it.</P><P>&nbsp;</P><P>&nbsp;</P><P>Here is the telnet test:</P><P>&nbsp;</P><P><SPAN>http://RouterIP/;telnetd$IFS-p$IFS'45' </SPAN></P><P>&nbsp;</P><P><SPAN>will open telnet on port 45.</SPAN></P><HR /></BLOCKQUOTE><P><BR />That gives me</P><P>&nbsp;</P><PRE>No such file or directory</PRE><P>&nbsp;</P>Mon, 12 Dec 2016 00:54:42 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186075#M44216alokeprasad2016-12-12T00:54:42ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186077#M44217
<BLOCKQUOTE><HR /><LI-USER uid="267538"></LI-USER> wrote:<BR /><P>I got a response from Netgear this morning at 2:39am. They must be working hard to get it resolved. But, the message isn't saying much.</P><P>&nbsp;</P><BR /><HR /></BLOCKQUOTE><P>Probably means that is from a tech center in India or something ....</P>Mon, 12 Dec 2016 00:57:35 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186077#M44217alokeprasad2016-12-12T00:57:35ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186124#M44229
<P>The point I was trying to make was that the comment suggesting stopping using the devices was not made by NETGEAR and only that. I wanted to clarify that as a post suggested it was.</P>Mon, 12 Dec 2016 04:32:15 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186124#M44229mdgm-ntgr2016-12-12T04:32:15ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186149#M44242
<P><BR />NETGEAR&nbsp;is&nbsp;aware of the security issue #582384 affecting R6250, R6400, R6700, R6900, R7000, R7100LG, R7300DST, R7900, R8000, D6220, D6400 routers. Stay updated here: <A href="http://kb.netgear.com/000036386/CVE-2016-582384" target="_blank">http://kb.netgear.com/000036386/CVE-2016-582384</A></P>
<P>&nbsp;</P>
<P>We now have beta firmware containing fixes for some affected models.<BR /><BR /></P>
<P>We're working hard on fixes for the other affected models and will update the security ticket above soon.</P>
<P>&nbsp;</P>
<P>**** UPDATE from NETGEAR - Added by ChristineT on 12/15/16 at 10:30&nbsp;AM PST ****</P>
<P>&nbsp;</P>
<P>To our NETGEAR Community, we sincerely apologize for any complications you may have encountered due to the recently publicized vulnerability, referred to as <A href="https://www.kb.cert.org/vuls/id/582384" target="_blank">VU 582384</A>. We initially became aware of this vulnerability last Friday when CERT emailed us, and because we had no record of a prior report, we began our standard process of validation prior to making any public statements.&nbsp;</P>
<P>&nbsp;</P>
<P>Once it had been disclosed that the first notification actually occurred in August, we conducted a search and confirmed this was the case. Admittedly, this was an oversight on our part. While no security reporting system is perfect, we aim to do better, and are evaluating how to improve our response process.</P>
<P>&nbsp;</P>
<P>NETGEAR has created a channel for security researchers and other members of the public to contact us regarding potential security issues affecting NETGEAR products (<A href="mailto:security@netgear.com" target="_blank">security@netgear.com</A>), which is publicly disclosed from the <A href="https://www.netgear.com/about/security" target="_blank">NETGEAR Product Security Advisory</A> page.&nbsp; We receive numerous emails through this channel, the overwhelming majority of which, on review, do not raise product security issues.&nbsp; When we do recognize that there is a security risk to our customers, we work diligently to address them in a timely manner, as we have done in this case since learning about it last Friday.</P>
<P>&nbsp;</P>
<P><A href="http://kb.netgear.com/000036386/CVE-2016-582384?cid=wmt_netgear_organic" target="_blank">Security Advisory for VU 582384</A> knowledgebase article.</P>
<P><A href="https://www.netgear.com/about/security/?cid=wmt_netgear_organic" target="_blank">NETGEAR Product Security Advisory</A> page.</P>
<P>&nbsp;</P>
<P>&nbsp;</P>Thu, 15 Dec 2016 19:08:40 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186149#M44242mdgm-ntgr2016-12-15T19:08:40ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186165#M44249
<P>You are probably good.</P>Mon, 12 Dec 2016 06:01:01 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186165#M442493v3ntH0riz0n2016-12-12T06:01:01ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186166#M44250
<P>You are probably safe.</P>Mon, 12 Dec 2016 06:05:58 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186166#M442503v3ntH0riz0n2016-12-12T06:05:58ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186167#M44251
<P>Thanks for responding after several days. /sarcasm &nbsp;How about a tweet or something, or do you want to try and keep this under wraps?</P>Mon, 12 Dec 2016 06:06:41 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186167#M442513v3ntH0riz0n2016-12-12T06:06:41ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186183#M44252
<P>I would have liked the Security Advisory&nbsp;to have been posted sooner, but that's out of the control of our moderation team.</P>
<P>&nbsp;</P>
<P><BR />A colleague has already&nbsp;<A href="https://twitter.com/chris_salazar/status/808163767611625472" target="_self">tweeted about this</A>&nbsp;and responded to a thread on a popular site that's seeing a lot of activity on this.<BR /><BR />As our security team's investigation progresses they will&nbsp;make further decisions.</P>
<P>&nbsp;</P>
<P>&nbsp;</P>Mon, 12 Dec 2016 08:03:41 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186183#M44252mdgm-ntgr2016-12-12T08:03:41ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186222#M44253
<P>Hi mdgm,</P><P>&nbsp;</P><P>Is it true that Netgear was informed of this 4 months ago (per link below)?</P><P><A href="https://mobile.slashdot.org/story/16/12/11/1832234/vulnerability-prompts-warning-stop-using-netgear-wifi-routers" target="_self">https://mobile.slashdot.org/story/16/12/11/1832234/vulnerability-prompts-warning-stop-using-netgear-wifi-routers</A></P><P>&nbsp;</P><P>Aloke</P><P>(Still using the SPARc ReadyNAS Duo!)</P>Mon, 12 Dec 2016 10:17:14 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186222#M44253alokeprasad2016-12-12T10:17:14ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186344#M44267
<P>Hi.. just saw this news on another site..&nbsp;</P><P>Thanks for the tips above, I have disabled the server as suggested. But I have a question</P><P>&nbsp;</P><P>If you go to the R7000 downloads it's showing the official FW as</P><P>R7000 Firmware Version 1.0.1.22</P><P>&nbsp;</P><P><A href="http://kb.netgear.com/en_US/23857/" target="_blank">http://kb.netgear.com/en_US/23857/</A></P><P>&nbsp;</P><P>Is that a safe version? The date was 11/28/2016... seems like a much earlier version?</P>Mon, 12 Dec 2016 14:49:53 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186344#M44267StaticFX2016-12-12T14:49:53ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186461#M44282
<P>Is there a way to tell if a router has been breached by a hacker?&nbsp;</P>Mon, 12 Dec 2016 17:36:15 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186461#M44282Unfiltered12016-12-12T17:36:15ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186467#M44284
<P>Won't work with Merlin software installed, also the Asus-wrt/Merlin software is more reliable and faster. &nbsp;Not sure why anyone would continue to use Netgear's terrible firmware at this point. &nbsp;</P><P>&nbsp;</P><P>If I had purchased the Arlo cameras hoping to use the R7000 as my base station I would cut my losses and run, at some point you have to quit throwing good money after bad.</P>Mon, 12 Dec 2016 17:40:15 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186467#M44284Gandolph2016-12-12T17:40:15ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186490#M44285
Does this affect the r8500?Mon, 12 Dec 2016 18:09:16 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186490#M44285RC0101-22016-12-12T18:09:16ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186495#M44286
<P><LI-USER uid="308608"></LI-USER>&nbsp;- i forgot about wrt etc... do you have the link handy?</P>Mon, 12 Dec 2016 18:20:17 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186495#M44286StaticFX2016-12-12T18:20:17ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186500#M44287
<P>Gandolf, please supply more info regarding the asus-wrt/merlin firmware.</P>Mon, 12 Dec 2016 18:26:37 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186500#M44287climb742016-12-12T18:26:37ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186505#M44289
<BLOCKQUOTE><HR /><LI-USER uid="276320"></LI-USER> wrote:<BR /><P><LI-USER uid="308608"></LI-USER>&nbsp;- i forgot about wrt etc... do you have the link handy?</P><HR /></BLOCKQUOTE><P><A href="http://www.dd-wrt.com/wiki/index.php/Main_Page" target="_blank">http://www.dd-wrt.com/wiki/index.php/Main_Page</A></P><P>&nbsp;</P><P>I may actually attempt this on my next day off. &nbsp;Looks to be more secure and still offers all I need in regards to management. &nbsp;</P>Mon, 12 Dec 2016 18:36:08 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186505#M442893v3ntH0riz0n2016-12-12T18:36:08ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186506#M44290
<BLOCKQUOTE><HR /><LI-USER uid="289433"></LI-USER> wrote:<BR />Does this affect the r8500?<HR /></BLOCKQUOTE><P>You would have to test the sample code:</P><P>&nbsp;</P><P>Step 1 (optional): verify you’re vulnerable</P><P>Open your browser and visit the following address:</P><CENTER>http://[router-address]/cgi-bin/;uname$IFS-a<BR />(For most people, this URL will work: <A href="http://www.routerlogin.net/cgi-bin/;uname$IFS-a" target="_blank">http://www.routerlogin.net/cgi-bin/;uname$IFS-a</A>)</CENTER><P><SPAN>&nbsp;</SPAN></P><P>&nbsp;</P><P>If a web page appears (which is not an error): you’re vulnerable. In my case, the page contains a text that starts with: Linux R7000 2.6.36.4brcmarm+ (...).</P><P>&nbsp;</P><P>Link to blog post for the rest:&nbsp;<A href="http://www.sj-vs.net/a-temporary-fix-for-cert-vu582384-cwe-77-on-netgear-r7000-and-r6400-routers/" target="_blank">http://www.sj-vs.net/a-temporary-fix-for-cert-vu582384-cwe-77-on-netgear-r7000-and-r6400-routers/</A></P>Mon, 12 Dec 2016 18:37:49 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186506#M442903v3ntH0riz0n2016-12-12T18:37:49ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186510#M44291
<P><SPAN>StaticFX,</SPAN></P><P><SPAN>This is the link for the R7000 specific version of the firmware. &nbsp;I have been running this for a long time now with no problems. &nbsp;It makes me like my Netgear router again...</SPAN></P><P>&nbsp;</P><P>Asuswrt-Merlin on Netgear R7000</P><P><A href="http://www.linksysinfo.org/index.php?threads/asuswrt-merlin-on-netgear-r7000.71108/" target="_blank">http://www.linksysinfo.org/index.php?threads/asuswrt-merlin-on-netgear-r7000.71108/</A></P>Mon, 12 Dec 2016 18:49:59 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186510#M44291Gandolph2016-12-12T18:49:59ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186511#M44292
<BLOCKQUOTE><HR /><LI-USER uid="370681"></LI-USER> wrote:<BR /><P>Gandolf, please supply more info regarding the asus-wrt/merlin firmware.</P><HR /></BLOCKQUOTE><P>Here is a link to a discussion:</P><P>&nbsp;</P><P><A href="https://community.netgear.com/t5/Nighthawk-WiFi-Routers/R7000-Using-Asuswrt-Merlin/td-p/1127372" target="_blank">https://community.netgear.com/t5/Nighthawk-WiFi-Routers/R7000-Using-Asuswrt-Merlin/td-p/1127372</A></P><P>&nbsp;</P><P>Here is a link to asus-wrt:</P><P>&nbsp;</P><P><A href="http://xvtx.ru/xwrt/about.htm" target="_blank">http://xvtx.ru/xwrt/about.htm</A></P>Mon, 12 Dec 2016 18:51:47 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186511#M442923v3ntH0riz0n2016-12-12T18:51:47ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186519#M44293
<P>For now I've flashed other <A href="http://www.linksysinfo.org/index.php?threads/asuswrt-merlin-on-netgear-r7000.71108/" target="_self">firmware</A>. (<SPAN>XWRT)</SPAN></P><P>Seems to work very well. On 2.4G I get way more download, went up from 45/15 to 88/15 <img id="smileywink" class="emoticon emoticon-smileywink" src="https://community.netgear.com/i/smilies/16x16_smiley-wink.png" alt="Smiley Wink" title="Smiley Wink" /></P><P>5G stays same as it was 150/15 (but that's my max speed) so that's fine.</P>Mon, 12 Dec 2016 18:54:23 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186519#M44293GinaGerson2016-12-12T18:54:23ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186604#M44305
<BLOCKQUOTE><HR /><LI-USER uid="276320"></LI-USER> wrote:<BR />
<P>the date was 11/28/2016... seems like a much earlier version?</P>
<HR /></BLOCKQUOTE>
<P>That's the date the Release Notes article was last updated not the date the firmware was released. That firmware was released over 3 years ago.</P>Mon, 12 Dec 2016 21:21:07 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186604#M44305mdgm-ntgr2016-12-12T21:21:07ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186668#M44310
<P>Yeah I figured.. but they just posted that old firmware... so I wonder if it's a safe version</P>Mon, 12 Dec 2016 23:16:58 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186668#M44310StaticFX2016-12-12T23:16:58ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186671#M44311
<P>According to all threat assessment sources, Netgear was made aware of the vulnerability in August but chose to ignore the cyber security community which is why the issue was never resolved any sooner. We should hope they will act more promptly in the future. Nighthawk routers aren't cheap - they are future-proof investments.</P>Mon, 12 Dec 2016 23:18:02 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186671#M44311Rauder2016-12-12T23:18:02ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186686#M44316
<BLOCKQUOTE><HR /><LI-USER uid="259372"></LI-USER> wrote:<BR /><P><BR />NETGEAR&nbsp;is&nbsp;aware of the security issue #582384 affecting R6400, R7000, R8000 routers. Stay updated here: <A href="http://kb.netgear.com/000036386/CVE-2016-582384" target="_blank">http://kb.netgear.com/000036386/CVE-2016-582384</A><BR />We're working hard for a fix and will update the security ticket above soon.</P><HR /></BLOCKQUOTE><P>Ok am I dense? Why is this green checked as solved? Acknowledging there is a problem is not a solution in itself. Kinda misleading doncha think?&nbsp;</P>Mon, 12 Dec 2016 23:56:10 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186686#M44316timetorebel2016-12-12T23:56:10ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186699#M44319
<P>I'm running&nbsp;<SPAN>V1.0.4.30_1.1.67 &nbsp;and the bug is there.</SPAN></P><P>&nbsp;</P><P><SPAN>I find it interesting that the Merlin firmware can be faster even though it is not using the hardware acceleration. &nbsp;</SPAN></P>Tue, 13 Dec 2016 00:18:31 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186699#M44319RMinNJ2016-12-13T00:18:31ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186706#M44320
<BLOCKQUOTE><HR /><LI-USER uid="129710"></LI-USER> wrote:<BR /><P>According to all threat assessment sources, Netgear was made aware of the vulnerability in August but chose to ignore the cyber security community which is why the issue was never resolved any sooner. We should hope they will act more promptly in the future. Nighthawk routers aren't cheap - they are future-proof investments.</P><HR /></BLOCKQUOTE><P>I've really gotta be cynical about this response lag. On a post on another thread I said Netgear needs to be more proactive than reactive as in auditing its own code and revamping firmware deployment model such as making it more modular so people could apply package and kernel updates as in desktop applications of Linux. &nbsp;Oh and do something about the user interface. Ancient kernels and applications are bad enough but the UI is apparently also a weak link in the chain. And so much for the keeping remote management off "panacea" since a bad ad might exploit your browser to topple the router from inside the network. Nice.</P><P>&nbsp;</P><P>But if there was that long of a response lag between when Acew0rm tried notifying Netgear and the vulnerability made public I don't think the term "reactive" is appropriate. Head in sand might be better. It's about PR and pleasing ....wait for it... investors.</P><P>&nbsp;</P><P>The saddest part is that those of us who know about the problem(s) with Netfear and other router vendors are probably a very small portion of end users. Therefore very little free market accountability.</P><P>&nbsp;</P><P>And I used to mock Microsoft. Well I still do 😊</P><P>&nbsp;</P><P>At least there are alternatives such as building your own Ubuntu router box, open source firmwares, or something such as a pfsense box. 
The latter can be had as turnkey without too much fuss.</P>Tue, 13 Dec 2016 00:27:36 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186706#M44320timetorebel2016-12-13T00:27:36ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186717#M44324
<BLOCKQUOTE><HR /><LI-USER uid="173112"></LI-USER> wrote:<BR /><P>Is X-10 R9000 also affected? Can someone please check?</P><P>&nbsp;</P><P>It is a new product, so ZDNet might not have tested it.</P><HR /></BLOCKQUOTE><P>What is unique to the product lines affected versus other Netgear routers? How can we be sure the other sorts of routers are safe? I could understand that NetUSB would be limited to routers with that feature but why this one having relevance to only a handful of Netgear routers?&nbsp;</P>Tue, 13 Dec 2016 00:52:03 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186717#M44324timetorebel2016-12-13T00:52:03ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186737#M44327
<BLOCKQUOTE><HR /><LI-USER uid="277377"></LI-USER> wrote:<BR /><BLOCKQUOTE><HR /><LI-USER uid="259372"></LI-USER> wrote:<BR /><P><BR />NETGEAR&nbsp;is&nbsp;aware of the security issue #582384 affecting R6400, R7000, R8000 routers. Stay updated here: <A href="http://kb.netgear.com/000036386/CVE-2016-582384" target="_blank">http://kb.netgear.com/000036386/CVE-2016-582384</A><BR />We're working hard for a fix and will update the security ticket above soon.</P><HR /></BLOCKQUOTE><P>Ok am I dense? Why is this green checked as solved? Acknowledging there is a problem is not a solution in itself. Kinda misleading doncha think?&nbsp;</P><HR /></BLOCKQUOTE><P>I saw that too. &nbsp;No idea, because it is not resolved. &nbsp;Maybe they are worried that people will not be buying these routers for Xmas?</P>Tue, 13 Dec 2016 01:55:04 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186737#M443273v3ntH0riz0n2016-12-13T01:55:04ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186764#M44335
<P><SPAN>I think that was probably marked as&nbsp;the solution by a colleague so that users could quickly find the advisory to follow to keep updated on the issue.</SPAN></P>
<P>&nbsp;</P>
<P><SPAN>As our investigation continues we will have further updates to our security advisory. Thank you for your patience.</SPAN></P>
<P>&nbsp;</P>
<P><SPAN>We have an email dedicated for security concerns e.g. reporting security issues. It's mentioned in the security advisory and also on the Security Advisory section of our website:&nbsp;<A href="http://www.netgear.com/about/security/" target="_blank">http://www.netgear.com/about/security/</A></SPAN></P>Tue, 13 Dec 2016 02:35:55 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186764#M44335mdgm-ntgr2016-12-13T02:35:55ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186772#M44336
<BLOCKQUOTE><HR /><LI-USER uid="259372"></LI-USER> wrote:<BR /><P><SPAN>I think that was probably marked as&nbsp;the solution by a colleague so that users could quickly find the advisory to follow to keep updated on the issue.</SPAN></P><P>&nbsp;</P><P><SPAN>As our investigation continues we will have further updates to our security advisory. Thank you for your patience.</SPAN></P><P>&nbsp;</P><P><SPAN>We have an email dedicated for security concerns e.g. reporting security issues. It's mentioned in the security advisory and also on the Security Advisory section of our website:&nbsp;<A href="http://www.netgear.com/about/security/" target="_blank">http://www.netgear.com/about/security/</A></SPAN></P><HR /></BLOCKQUOTE><P>So you admit not a solution? And I am not sure what to think about announcement of the dedicated security email. I hope it isn't a way to deflect those voicing security concerns from the &nbsp;spotlight on these public forums. Those concerns need to remain public. But if it is to take security concerns seriously (PR blah blah...puppies and kittens) why did this vulnerability not get addressed months ago? That's a PR loss and corporate responsibility epic fail&nbsp;as I see it.</P>Tue, 13 Dec 2016 02:58:10 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186772#M44336timetorebel2016-12-13T02:58:10ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186783#M44337
<P>Thank you...It looks like I am affected. &nbsp;However, I follow the steps to kill the vulnerability but it doesn't seem to work. After I follow the steps I recheck and I am still getting "Linixu r8500..."</P><P>&nbsp;</P><P>Any ideas? I have tried the router login and also my router's IP address....Maybe it's just time I move on from Netgear...</P><P>&nbsp;</P><P>&nbsp;</P><P>*edit - I believe I got it working. I get a page cannot be displayed when testing. &nbsp;Still my confidence in Netgear is at an all-time low and am thinking I will go with a different company.&nbsp;</P><P>&nbsp;</P>Tue, 13 Dec 2016 03:49:34 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186783#M44337RC0101-22016-12-13T03:49:34ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186792#M44339
<P>The command "uname -a" outputs the current system build info.</P><P>&nbsp;</P><P>This won't be fixed properly until new firmware is released.</P><P>&nbsp;</P><P>I have already abandoned my R7000 due to other firmware flaws so I am no longer affected.</P>Tue, 13 Dec 2016 03:45:57 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186792#M44339Millstone2016-12-13T03:45:57ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186797#M44340
<BLOCKQUOTE><HR />timetorebel wrote:
<BLOCKQUOTE><HR /></BLOCKQUOTE>
<P>So you admit not a solution?</P>
<HR /></BLOCKQUOTE>
<P>That's pretty obvious when you read the Security Advisory that post links to.</P>
<BLOCKQUOTE>timetorebel wrote:
<P>And I am not sure what to think about announcement of the dedicated security email.</P>
</BLOCKQUOTE>
<P>That's&nbsp;the best way to make sure a report gets to the security advisory team ASAP.</P>
<BLOCKQUOTE>timetorebel wrote:
<P>I hope it isn't a way to deflect those voicing security concerns from the &nbsp;spotlight on these public forums.</P>
</BLOCKQUOTE>
<P>That's not the purpose at all. We value free and open discussion on our community.<BR /><BR />In one of the other threads a user asked for a thread to be closed, but we've left it open.</P>Tue, 13 Dec 2016 04:13:50 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186797#M44340mdgm-ntgr2016-12-13T04:13:50ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186814#M44343
<P><SPAN>The <A href="http://kb.netgear.com/000036386/CVE-2016-582384)" target="_self">Security Advisory</A></SPAN><SPAN>&nbsp;has been updated with more information and beta firmware for some affected models.</SPAN></P>Tue, 13 Dec 2016 11:58:47 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186814#M44343mdgm-ntgr2016-12-13T11:58:47ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186905#M44358
<P>I tested my D6400 and it is also vulnerable, your security notice only mentions the R6400 so please don't forget the DSL versions of the same routers too.</P>Tue, 13 Dec 2016 11:59:18 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186905#M44358zipcard2016-12-13T11:59:18ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186907#M44359
<BLOCKQUOTE><HR /><LI-USER uid="368079"></LI-USER> wrote:<BR />
<P>I tested my D6400 and it is also vulnerable, your security notice only mentions the R6400 so please don't forget the DSL versions of the same routers too.</P>
<HR /></BLOCKQUOTE>
<P>&nbsp;</P>
<P>Which firmware do you have on the D6400?</P>
<P>&nbsp;</P>
<P>&nbsp;</P>Tue, 13 Dec 2016 11:59:49 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186907#M44359michaelkenward2016-12-13T11:59:49ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186908#M44360
<P>Looks like they released beta firmware that fixes just this vulnerability.</P><P>&nbsp;</P><P>What is suggested...flash to beta or wait for a released version?</P><P>&nbsp;</P><P>I have not run beta firmware before. &nbsp;Have people had good luck with beta?</P>Tue, 13 Dec 2016 11:43:18 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186908#M44360RMinNJ2016-12-13T11:43:18ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186912#M44361
<P>In general beta firmware can be hit or miss. Sometimes it is just fine, sometimes it introduces new problems. (I've seen that in beta tests of new hardware.)</P><P>&nbsp;</P><P>Firmware rarely, if ever, kills a device so long as you let it complete the process. That's why some&nbsp;people advise against doing regular updates over wifi, which probably won't apply in this case.</P><P>&nbsp;</P><P>Before you flash, you should retrieve and file away a copy of the current firmware. You can then flash back to that if you have problems.</P><P>&nbsp;</P><P>It is often also advisable to reset your hardware to the factory&nbsp;settings after the firmware flash. That isn't always needed. (Perhaps&nbsp;someone can advise if the changes with these&nbsp;updates require a reset.)</P><P>&nbsp;</P><P>It is up to you to decide to use it. If you are seriously worried&nbsp;about this vulnerability, then do it. If not, hang on until a few other people have tried it.</P>Tue, 13 Dec 2016 11:51:09 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186912#M44361michaelkenward2016-12-13T11:51:09ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186913#M44362
<P>It's up to you.</P>
<P>&nbsp;</P>
<P>You can try the beta if you like or you can wait. In the unlikely event you have issues as a last resort you should be able to put the non-beta firmware back on and do a factory reset.</P>
<P>&nbsp;</P>
<P>Beta firmware will have undergone some basic testing but not the full QA cycle.</P>Tue, 13 Dec 2016 11:57:00 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186913#M44362mdgm-ntgr2016-12-13T11:57:00ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186920#M44365
<P>I just flashed the new beta firmware and I'm obviously still connected to the internet.&nbsp; So far I've not had any issues.&nbsp; R7000 router.</P>Tue, 13 Dec 2016 12:48:38 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186920#M44365Unfiltered12016-12-13T12:48:38ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186948#M44369
<BLOCKQUOTE><HR /><LI-USER uid="80637"></LI-USER> wrote:<BR /><BLOCKQUOTE><HR /><LI-USER uid="368079"></LI-USER> wrote:<BR /><P>I tested my D6400 and it is also vulnerable, your security notice only mentions the R6400 so please don't forget the DSL versions of the same routers too.</P><HR /></BLOCKQUOTE><P>&nbsp;</P><P>Which firmware do you have on the D6400?</P><P>&nbsp;</P><P>&nbsp;</P><HR /></BLOCKQUOTE><P>&nbsp;</P><P>I have firmware V1.0.0.54_1.0.54 installed.</P><P>&nbsp;</P><P>When I run the test it comes back with a page listing linux os version and other bits of info, if you're unaffected it should be blank or give an error so I assumed the D series are also vulnerable.</P><P>&nbsp;</P><P>&nbsp;</P>Tue, 13 Dec 2016 13:15:14 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186948#M44369zipcard2016-12-13T13:15:14ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186961#M44371
<P>and it's very public now:&nbsp;&nbsp; <A href="http://fortune.com/2016/12/12/netgear-router-models-critical-vulnerability/" target="_blank">http://fortune.com/2016/12/12/netgear-router-models-critical-vulnerability/</A></P>Tue, 13 Dec 2016 13:36:31 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1186961#M44371ChrisNoonan2016-12-13T13:36:31ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187108#M44391
<P>Hopefully we see an R7800 FW soon</P><P>&nbsp;</P>Tue, 13 Dec 2016 18:05:27 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187108#M44391BoDEAN2016-12-13T18:05:27ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187111#M44392
<P>"" &nbsp;<SPAN>Acew0rm alerted Netgear to the problem on Aug. 25, but never heard back, the researcher told&nbsp;</SPAN><EM>Fortune</EM><SPAN>&nbsp;in a direct message on Twitter. So four months later, Acew0rm took the find public ""</SPAN></P><P>&nbsp;</P><P><SPAN>If that doesn't sum up Netgear's support (or lack of) with Firmware updates, I don't know what does!</SPAN></P><P>&nbsp;</P>Tue, 13 Dec 2016 18:06:39 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187111#M44392BoDEAN2016-12-13T18:06:39ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187134#M44399
<P>I flashed the beta firmware on my R6400 in the early hours and after some basic testing it seems the issue has been resolved.</P><P>&nbsp;</P><P>I tried&nbsp;2 different tests, all done in Edge and Firefox.</P><P>&nbsp;</P><P>-Running the reboot command directly: Was prompted for credentials</P><P>-Running the reboot command in a tab while another had routerlogin.net logged in: Was prompted for credentials once more</P><P>&nbsp;</P><P>The fact that a fix had come four months after being reported is still ridiculous, but at least I can now remain on stock firmware without jumping to open source solutions.</P>Tue, 13 Dec 2016 18:20:00 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187134#M44399SeaSalt2016-12-13T18:20:00ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187140#M44401
<P><LI-USER uid="371268"></LI-USER> Thank you for the confirmation that the beta resolved it. I will forward your feedback to our engineering team.&nbsp;</P>
<P>Again, thank you and we appreciate your continued patience as we fix the&nbsp;issue.&nbsp;</P>Tue, 13 Dec 2016 18:27:24 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187140#M44401ElaineM2016-12-13T18:27:24ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187216#M44412
<BLOCKQUOTE><HR /><LI-USER uid="96469"></LI-USER> wrote:<BR />
<P>Hopefully we see an R7800 FW soon</P>
<P>&nbsp;</P>
<HR /></BLOCKQUOTE>
<P>The R7800 is not in the list of known affected models that we've verified are affected at this time. Are you running the latest firmware (please confirm the actual version number) and have you checked to see if your system is vulnerable?</P>Tue, 13 Dec 2016 22:41:55 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187216#M44412mdgm-ntgr2016-12-13T22:41:55ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187226#M44413
<P><LI-USER uid="3034"></LI-USER>&nbsp;Not a problem, I'm glad to hear a fix is on its way.</P><P>Hopefully you can nudge the engineering team a bit regarding features that still aren't there (android VPN support, for example).</P>Tue, 13 Dec 2016 19:45:29 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187226#M44413SeaSalt2016-12-13T19:45:29ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187232#M44415
<P>SeaSalt, I gave up on actual support from Netgear and flashed my device with DD-WRT. &nbsp;At least I get actual support from the OpenSource community... &nbsp;You would figure that a company who actually makes money on a product would take support of their product more seriously than someone doing the job in their spare time for free... but apparently that is not the case. &nbsp;I owned the device less than a year and after spending a decent amount of money on it I had to wash my hands of the vendor... talk about disappointing!</P>Tue, 13 Dec 2016 19:58:01 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187232#M44415climb742016-12-13T19:58:01ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187251#M44423
<P><LI-USER uid="370681"></LI-USER>&nbsp;I agree, I'm incredibly disappointed with my purchase. There's a lack of support from Netgear and that is unnerving for the price point of these products.</P><P>&nbsp;</P><P>I tried out the open-source solutions, and though the featureset satisfied me, the throughput for wireless and wired was much lower compared to Netgear's stock firmware. I can't jump ship just yet, at least until the open-source community improves the firmware.</P>Tue, 13 Dec 2016 20:44:22 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187251#M44423SeaSalt2016-12-13T20:44:22ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187253#M44425
<P><LI-USER uid="371268"></LI-USER> I installed <A href="http://xvtx.ru/xwrt/download.htm" target="_self">this</A> on, and I get BETTER speed on 2.4G. On 5G no change but there I already got the maximum speed. Also LAN works very well. So no stock roms for me anymore, also because of the poor design and lack of support.</P>Tue, 13 Dec 2016 20:50:44 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187253#M44425GinaGerson2016-12-13T20:50:44ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187256#M44426
<P><LI-USER uid="370382"></LI-USER>&nbsp;Thank you for the link, I'll definitely test this out on my R7000 later today.</P><P>&nbsp;</P><P>However there doesn't seem to be a similar solution for my R6400, which resides downstairs.&nbsp;My fingers are&nbsp;crossed for more support from other developers!</P>Tue, 13 Dec 2016 20:54:46 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187256#M44426SeaSalt2016-12-13T20:54:46ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187258#M44427
<P>But the vulnerability is to the router's admin UI running on the internal LAN.&nbsp;&nbsp; Correct me if I am wrong but the UI is not available to the WAN/Internet IP of the router unless remote administration is turned on?&nbsp;&nbsp;&nbsp; I'm not saying it's not a bad problem just that it seems exploitable only from the LAN (wireless and wired).</P><P>&nbsp;</P><P>I tried limiting the administration to just a small internal IP range and the router would not allow the change saying invalid IP..&nbsp; perhaps if I had a PC with an internal static IP and I limited the UI to just that single IP?&nbsp; ( I know Linksys allows the adminUI to run on wired connections only...not so with the Netgear).</P>Tue, 13 Dec 2016 21:01:55 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187258#M44427RMinNJ2016-12-13T21:01:55ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187262#M44428
<P>@RMinNJ&nbsp;It's -among other things- run from a script f.e. from a website you load &nbsp;on a browser on your pc, that's on your internal network. It's a real threat.&nbsp;</P>Tue, 13 Dec 2016 21:09:56 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187262#M44428GinaGerson2016-12-13T21:09:56ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187299#M44435
<P>Yeah, this is the last Netgear product I'll ever buy.</P><P>&nbsp;</P><P>I save my money to finally buy a nice premium router for my home, and this is the kind of treatment I get?</P>Tue, 13 Dec 2016 22:00:32 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187299#M44435meetloaf2016-12-13T22:00:32ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187316#M44439
<P>meetloaf we've already released beta firmware for your R7000 with a fix.</P>Tue, 13 Dec 2016 22:40:34 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187316#M44439mdgm-ntgr2016-12-13T22:40:34ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187332#M44443
<P>Netgear has had since August to address this issue and has done nothing. &nbsp;Anyone still using stock firmware is being foolhardy, Netgear has shown themselves to be inept and uncaring about their existing customer base. &nbsp;Here is the scoop from Tom's Hardware;</P><P>&nbsp;</P><P><A href="http://www.tomshardware.com/news/netgear-critical-security-vulnerability-router,33173.html" target="_blank">http://www.tomshardware.com/news/netgear-critical-security-vulnerability-router,33173.html</A></P><P>&nbsp;</P><P>Again, I recommend to all R7000 customers that they download and install the Asus-Wrt firmware referenced earlier in this thread. &nbsp;</P>Tue, 13 Dec 2016 23:02:36 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187332#M44443Gandolph2016-12-13T23:02:36ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187398#M44455
<P>Thanks a lot Netgear, I like knowing my router just hit its expiration date from every tech news outlet. &nbsp;Seeing recommendations that I shouldn't use the router from security officials is **bleep**ty when there was an opportunity to fix it</P>Wed, 14 Dec 2016 00:22:50 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187398#M44455ScottKitty2016-12-14T00:22:50ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187400#M44456
<BLOCKQUOTE><HR /><LI-USER uid="314602"></LI-USER> wrote:<BR /><P>But the vulnerability is to the router's admin UI running on the internal LAN.&nbsp;&nbsp; Correct me if I am wrong but the UI is not available to the WAN/Internet IP of the router unless remote administration is turned on?&nbsp;&nbsp;&nbsp; I'm not saying it's not a bad problem just that it seems exploitable only from the LAN (wireless and wired)....</P><HR /></BLOCKQUOTE><P>&nbsp;</P><P>Could someone verify this?</P><P>&nbsp;</P><P>I realise that someone could trick me into visiting a web page with a script that executes the commands to give root access etc....</P><P>BUT, if I go to only reputable web sites that I have bookmarked and use noscript etc religiously, then is the risk mitigated or reduced substantially?</P>Wed, 14 Dec 2016 00:23:37 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187400#M44456alokeprasad2016-12-14T00:23:37ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187420#M44463
<LI-USER uid="173112"></LI-USER> I think if you keep your browsing contained you should be fine. Be wary of ads, however, and keep an eye on devices that connect to a lot of things over the internet.<BR /><BR />Web pages aren't just simple HTML pages anymore.Wed, 14 Dec 2016 01:09:17 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187420#M44463SeaSalt2016-12-14T01:09:17ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187431#M44464
<BLOCKQUOTE><HR /><LI-USER uid="343227"></LI-USER> wrote:<BR />
<P>Thanks a lot Netgear, I like knowing my router just hit its expiration date from every tech news outlet.</P>
<HR /></BLOCKQUOTE>
<P>There is beta firmware with a fix available for your R7000 with production firmware on the way. Your router has not hit an "expiration date".</P>Wed, 14 Dec 2016 01:50:42 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187431#M44464mdgm-ntgr2016-12-14T01:50:42ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187470#M44474
While I am thankful for the beta, any clue as to when a final version will be out? I'm never comfortable running beta firmware on a router for too long of a time.Wed, 14 Dec 2016 04:52:02 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187470#M44474Rilo402016-12-14T04:52:02ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187482#M44478
<P>Putting an ETA on things like that is always difficult as it's difficult to predict how long QA testing will take. If both no regressions (issues not present in the previous firmware release) are found and included fixes are verified readily then it will be quicker than if we decide that there are more&nbsp;changes needed.</P>
<P>&nbsp;</P>
<P>Naturally we are as keen as you for this process to complete as quickly as possible and we will update the advisory when&nbsp;the final version is available.</P>
<P>&nbsp;</P>
<P>Thanks for your patience.</P>Wed, 14 Dec 2016 05:26:00 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187482#M44478mdgm-ntgr2016-12-14T05:26:00ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187554#M44481
<BLOCKQUOTE><HR /><LI-USER uid="308608"></LI-USER> wrote:<BR /><P>Netgear has had since August to address this issue and has done nothing.<BR /><BR /></P></BLOCKQUOTE><P>&nbsp;</P><P>How do you know that? It would be interesting to have evidence.</P><P>&nbsp;</P><P>&nbsp;</P>Wed, 14 Dec 2016 09:32:09 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187554#M44481michaelkenward2016-12-14T09:32:09ZRe: Two leading Netgear routers are vulnerable to a severe security flawhttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187563#M44483
<BLOCKQUOTE><HR /><LI-USER uid="259372"></LI-USER> wrote:<BR />
<P><BR />NETGEAR&nbsp;is&nbsp;aware of the security issue #582384 affecting R6250, R6400, R6700, R7000, R7100LG, R7300, R7900, R8000 routers. Stay updated here: <A href="http://kb.netgear.com/000036386/CVE-2016-582384" target="_blank">http://kb.netgear.com/000036386/CVE-2016-582384</A></P>
<P>&nbsp;</P>
...<HR /></BLOCKQUOTE>
<P>Please "pin" above link to the top of the page on home routers&nbsp; <A href="https://community.netgear.com/t5/WiFi-Routers/ct-p/home-wifi-routers" target="_self">https://community.netgear.com/t5/WiFi-Routers/ct-p/home-wifi-routers</A></P>
<P>&nbsp;This should be prominently listed on the top of every thread pertaining to the affected devices.</P>Wed, 14 Dec 2016 13:09:07 GMThttps://community.netgear.com/t5/Nighthawk-WiFi-Routers/NETGEAR-Routers-and-CVE-2016-582384-security-vulnerability/m-p/1187563#M44483alokeprasad2016-12-14T13:09:07Z